- From: Dave Longley <dlongley@digitalbazaar.com>
- Date: Mon, 5 Nov 2018 14:38:00 -0500
- To: Joe Andrieu <joe@legreq.com>, public-credentials@w3.org
On 11/05/2018 01:38 PM, Joe Andrieu wrote: > Adam, > > I agree. I think we're on the same page: the authorization happens at > the issuance of the capability (ignoring any separation of creation & > transmittal). Hence, my preference for the past participle "authorized". > The semantics are that if you have the auth* capability, you can > exercise the capability because the capability *has* been authorized. > > Flip it around and it might be clearer. To my reading, an "unauthorized > capability" would be like stolen car keys. You have the capability, but > you aren't authorized. In contrast, an "unauthorization capability" > reads to me that you have the capability to remove authorization, to > unauthorize something. > > The past participle, "authorized" reads as modifying capability, whereas > the little known FCE nounification [1] of "authorize" into > "authorization" reads as the capability to do the verb "authorize" This is a convincing argument to me. > > To add another coat of paint to the zCap thing. Since zkp seems to have > run away with the zzzzs, ACap might work well with either Auth* Capability. > > -j > > [1] > http://www.tinyteflteacher.co.uk/learning-english/FCE/word-formation-ion-nouns.html FWIW, > I knew all about gerunds "-ing" noun forms. I didn't know about FCE > until Google enlightened me. > > On Mon, Nov 5, 2018, at 9:47 AM, Adam Lake wrote: >> >> Joe, >> >> I think I get your point but don't the capabilities exist prior to be >> used? That is, they are Authorization Capabilities until they are used >> to delegate, or authorize, a capability? >> >> I agree that Authorized Capabilities flows off the tongue a bit easier >> than Authorization Capabilities. >> >> Adam >> >> >> On 11/3/2018 2:10 PM, Joe Andrieu wrote: >>> +1/2 >>> >>> I like changing it, but I would suggest Authorized Capabilities. >>> >>> First, it's easier to say. >>> >>> Second, it states the actual function more clearly: if you have an >>> authorized capability, you're authorized. If you have a zCap, you're >>> authorized. Or, in the inevitable vernacular, if you have a >>> capability, you're authorized. >>> >>> "Authorization Capability" reads to me as if the holder has the >>> capability to authorize--which is only true if its delegatable and >>> not true in the generalized case. >>> >>> Bikeshed on... >>> >>> -j >>> >>> >>> On Sat, Nov 3, 2018, at 9:40 AM, Darrell O'Donnell wrote: >>>> +1 >>>> >>>> >>>> *Darrell O'Donnell, P.Eng.* >>>> >>>> darrell.odonnell@continuumloop.com >>>> <mailto:darrell.odonnell@continuumloop.com> >>>> >>>> >>>> >>>> >>>> >>>> On Sat, Nov 3, 2018 at 12:24 PM Brent Zundel >>>> <brent.zundel@evernym.com <mailto:brent.zundel@evernym.com>> wrote: >>>> >>>> +1 >>>> >>>> On Sat, Nov 3, 2018, 10:14 Jordan, John CITZ:EX >>>> <John.Jordan@gov.bc.ca <mailto:John.Jordan@gov.bc.ca> wrote: >>>> >>>> +1 >>>> >>>> > On Nov 3, 2018, at 08:27, Manu Sporny >>>> <msporny@digitalbazaar..com >>>> <mailto:msporny@digitalbazaar.com>> wrote: >>>> > >>>> > Hi all, >>>> > >>>> > This is related to the OCAP-LD spec that some of us are >>>> working on in >>>> > this community: >>>> > >>>> > https://w3c-ccg.github.io/ocap-ld/ >>>> > >>>> > Digital Bazaar's engagement with customers over the past >>>> several months >>>> > wrt. the term "Object Capabilities" has resulted in >>>> confusion around >>>> > exactly what an Object Capability is. >>>> > >>>> > Some history -- the "Object Capabilities" name was >>>> originally picked to >>>> > differentiate from the "Linux Capabilities" stuff, which >>>> really didn't >>>> > have much to do with capabilities (in the authorization >>>> sense). Object >>>> > Capabilities makes more sense when you're talking about >>>> programming >>>> > languages, but we don't really use it in that sense in >>>> this community. >>>> > >>>> > I propose we name the specification more appropriately in >>>> the hope that >>>> > the name evokes what we're actually doing with the >>>> specification. The >>>> > technology we're developing in this community specifically >>>> has to do >>>> > with Authorization... capability-based authorization. >>>> Thus, I'm >>>> > suggesting the spec is renamed to "Authorization >>>> Capabilities"... >>>> > shortened to "zCaps" for the cool kids in the community. >>>> > >>>> > Also, this is a bike shed discussion, so I fully expect it >>>> to get out of >>>> > hand and for us to have to do a poll like we did for the >>>> Verifiable >>>> > Credentials terminology. Please only suggest names that >>>> you're committed >>>> > to using with your customers (or that you would use with >>>> non-technical >>>> > folks). If we get a bunch of +1s with no strong >>>> objections, we're >>>> > done... and yes, I know that's wishful thinking. :) >>>> > >>>> > -- manu >>>> > >>>> > -- >>>> > Manu Sporny (skype: msporny, twitter: manusporny, G+: >>>> +Manu Sporny) >>>> > Founder/CEO - Digital Bazaar, Inc. >>>> > blog: Veres One Decentralized Identifier Blockchain Launches >>>> > https://tinyurl.com/veres-one-launches >>>> > >>>> >>> >>> -- >>> Joe Andrieu, PMP joe@legreq.com <mailto:joe@legreq.com> >>> LEGENDARY REQUIREMENTS +1(805)705-8651 >>> Do what matters. http://legreq.com <http://www.legendaryrequirements.com> >>> >>> >> >> -- >> Adam Lake >> Director, Business Development >> Digital Bazaar >> Veres.io >> 540-285-0083 > > -- > Joe Andrieu, PMP joe@legreq.com <mailto:joe@legreq.com> > LEGENDARY REQUIREMENTS > +1(805)705-8651 > Do what matters. http://legreq.com <http://www.legendaryrequirements.com> > > -- Dave Longley CTO Digital Bazaar, Inc. http://digitalbazaar.com
Received on Monday, 5 November 2018 19:38:36 UTC